
Today’s Cyber Threat Level: BLUE/GUARDED
The Cyber Alert Level remains at Blue (Guarded):
On March 19, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to multiple vulnerabilities in Santesoft and Apache products.
On March 18, the MS-ISAC released an advisory for a vulnerability in Apache Tomcat, which could allow for remote code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.
On March 14, the MS-ISAC released an advisory for multiple vulnerabilities in Sante PACS Server, the most severe of which could allow for remote code execution.
On March 12, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to multiple vulnerabilities in Google, Fortinet, Microsoft, Adobe, and Mozilla products.
On March 11, the MS-ISAC released six advisories. The first advisory was for multiple vulnerabilities in Google Chrome, the most severe of which could allow for arbitrary code execution. The second advisory was for multiple vulnerabilities in Fortinet products, the most severe of which could allow for remote code execution. The third advisory was for multiple vulnerabilities in Microsoft products, the most severe of which could allow for remote code execution. The fourth advisory was for multiple vulnerabilities in Adobe products, the most severe of which could allow for arbitrary code execution. The fifth advisory was for multiple vulnerabilities in Mozilla products, the most severe of which could allow for arbitrary code execution. The sixth advisory was for multiple vulnerabilities in Google Android OS, the most severe of which could allow for remote code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.
On March 5, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to multiple vulnerabilities in multiple Industrial Control System (ICS) products.
On March 4, the Cybersecurity and Infrastructure Security Agency (CISA) released eight advisories for multiple vulnerabilities affecting Carrier, Keysight, Hitachi, Delta Electronics, GMOD, and Edimax products. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.
On February 26, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Google Chrome and an advisory on widespread ransomware activities.
On February 12, the MS-ISAC released an advisory for multiple vulnerabilities in Google Chrome, the most severe of which could allow for arbitrary code execution.
On February 19, the Cybersecurity and Infrastructure Security Agency (CISA) and the MS-ISAC released a joint advisory as part of the #StopRansomware campaign providing information and indicators of compromise from recent widespread cyber-attacks utilizing the Ghost ransomware. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.
On February 5, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in SimpleHelp and Google products.
On January 30, the MS-ISAC released an advisory for multiple vulnerabilities in SimpleHelp RMM, the most severe of which could allow for arbitrary code execution.
On February 4, the MS-ISAC released an advisory for multiple vulnerabilities in Google Android OS, the most severe of which could allow for privilege escalation. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.
The Cyber Threat Level indicator displays the current level of malicious cyber activity and indicates the potential for or actual damage. The indicator comprises 5 levels:
Red or Severe Cyber Threat Level
Indicates a severe risk of hacking, virus, or other malicious activity resulting in widespread outages and/or significantly destructive compromises to systems with no known remedy or debilitating one or more critical infrastructure sectors. At this level, vulnerabilities are being exploited with severe or widespread damage or disruption of Critical Infrastructure Assets.
Orange or High Level
Indicates a high risk of increased hacking, virus, or other malicious cyber activity that targets or compromises core infrastructure, causes multiple service outages, multiple system compromises, or compromises critical infrastructure. At this level, vulnerabilities are being exploited with a high level of damage or disruption, or the potential for severe damage or disruption is high.
Yellow or Elevated Level
This indicates a significant risk due to increased hacking, viruses, or malicious activity that compromises systems or diminishes service. At this level, known vulnerabilities are being exploited with a moderate level of damage or disruption, or the potential for significant damage or disruption is high.
Blue or Guarded Cyber Threat Level
Indicates a general risk of increased hacking, viruses, or other malicious activity. The potential exists for malicious cyber activities, but either no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.
Green or Low Cyber Threat Level
Indicates a low risk.
Contact Commonwealth Sentinel to learn more about how the Cyber Threat Level affects your organization and what steps you can take to lower your Level.